CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2017-8720 – Microsoft Windows PlgBlt Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-8720
The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8675. El componente de gráficos de Microsoft Windows en Microsoft Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607 y 1703 y Windows Server 2016 permite que se produzca una vulnerabilidad de elevación de privilegios cuando el componente Win32k maneja objetos incorrectamente en la memoria. Esta condición también se conoce como "Win32k Elevation of Privilege Vulnerability". El ID de este CVE es distinto a CVE-2017-8675. • http://www.securityfocus.com/bid/100804 http://www.securitytracker.com/id/1039325 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8720 •
CVSS: 7.6EPSS: 16%CPEs: 12EXPL: 0CVE-2017-8728 – Microsoft Windows PDF Library JPEG2000 Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8728
Microsoft Windows PDF Library in Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Windows PDF Library handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8737. La biblioteca de PDF de Microsoft Windows en Microsoft Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permite a un atacante ejecutar código remotamente en el contexto del usuario actual por la manera en la que la biblioteca de PDF de Windows maneja los objetos en la memoria. Esto también se conoce como "Windows PDF Remote Code Execution Vulnerability". El ID de este CVE es distinto a CVE-2017-8737. • http://www.securityfocus.com/bid/100739 http://www.securitytracker.com/id/1039327 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8728 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 7%CPEs: 13EXPL: 0CVE-2017-8747
https://notcve.org/view.php?id=CVE-2017-8747
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8749. Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permiten a un atacante ejecutar código remotamente en el contexto del usuario actual por la manera en la que Internet Explorer accede a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". El ID de este CVE es distinto a CVE-2017-8749. • http://www.securityfocus.com/bid/100765 http://www.securitytracker.com/id/1039328 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8747 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 7%CPEs: 14EXPL: 0CVE-2017-8749
https://notcve.org/view.php?id=CVE-2017-8749
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8747. Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 SP2 y R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permiten a un atacante ejecutar código remotamente en el contexto del usuario actual por la manera en la que Internet Explorer accede a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". El ID de este CVE es distinto a CVE-2017-8747. • http://www.securityfocus.com/bid/100770 http://www.securitytracker.com/id/1039328 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8749 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 97%CPEs: 42EXPL: 13CVE-2017-8759 – Microsoft .NET Framework Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 y 4.7 permite que un atacante ejecute código remotamente mediante un documento o aplicación maliciosos. Esto también se conoce como ".NET Framework Remote Code Execution Vulnerability." Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system. • https://www.exploit-db.com/exploits/42711 https://github.com/bhdresh/CVE-2017-8759 https://github.com/Voulnet/CVE-2017-8759-Exploit-sample https://github.com/vysecurity/CVE-2017-8759 https://github.com/nccgroup/CVE-2017-8759 https://github.com/sythass/CVE-2017-8759 https://github.com/JonasUliana/CVE-2017-8759 https://github.com/ashr/CVE-2017-8759-exploits https://github.com/BasuCert/CVE-2017-8759 https://github.com/ChaitanyaHaritash/CVE-2017-8759 https://github.com& •